Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1412 — Apple MAC OS X vulnerability

3 documents3 sources

Severity

2.1LOWNVD

EPSS

0.2%

top 54.03%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple MAC OS X

Timeline

PublishedNov 17

Latest updateApr 30

Description

nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/mac_os_x10.4.9

Patches

Patch: www.securemac.com ↗Patch: www.securemac.com ↗

🔴Vulnerability Details

GHSA

GHSA-4xg9-r6jc-wpcq: nidump on MacOS X before 10↗2022-04-30

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX 10 - nidump Password File Disclosure↗2001-06-26

▶